The danger to critical infrastructure posed by malware has once again been highlighted after a computer worm was discovered in a device connected to the control system of a South Korean nuclear power plant.

The discovery comes just days after a German steelworks suffered “massive damage” after a cyber attack on its computer network.

Nuclear Plant

Korea Hydro & Nuclear Power Co Ltd is the operator of nuclear power plants in South Korea. According to Reuters, it found and then removed a low-risk computer ‘worm’ on a device connected to some nuclear plant control systems. However, it insisted that no harmful virus were found in the reactor controls itself.

In response the firm said it would bolster cyber security by hiring more IT security experts and forming an oversight committee.

“We will prepare fundamental improvement measures by enhancing nuclear power’s safe operation and hiking information security systems to the highest level following this cyber attack case,” Korea Hydro and Nuclear Power reportedly said in a statement.

The discovery comes after the company admitted that its headquarters computer system had been hacked earlier in December, and that data had been stolen from its systems. A hacker reportedly used Twitter to threaten to close three reactors, and the company then carried out a full audit of its systems, which revealed the low-risk worm in a device connected to the control tower.

But authorities were quick to reassure that the worm did not reach the actual control systems of the nuclear power plant.

The control systems of the two complexes housing those reactors had not been exposed to any malignant virus, Seoul’s energy ministry and nuclear watchdog was reported to have said in a joint statement on Tuesday. It said the systems were inaccessible from external networks.

Energy Minister Yoon Sang-jick reportedly said that the worm had probably been inadvertently introduced by workers using unauthorised USB devices.

Infrastructure Dangers

The potential risk to systems controlling critical infrastructure and industrial systems remains a worry for many governments and authorities around the world.

The dangers to infrastructure was first revealed to the world years ago when the malware known as Stuxnet, caused damage to nearly 3,000 centrifuges in the Natanz facility in Iran.

Researchers have previously warned that security weaknesses in industrial control systems could allow hackers to create cataclysmic failures in infrastructure.

For example the United States has passed legislation that would protect its electricity grid from attacks. The GRID Act would direct the FERC (Federal Energy Regulatory Commission) to take measures to protect the electricity grid from telecommunications intrusions.

Are you a security pro? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Spyware Maker NSO Group Found Liable In US Court

Landmark ruling finds NSO Group liable on hacking charges in US federal court, after Pegasus…

2 days ago

Microsoft Diversifying 365 Copilot Away From OpenAI

Microsoft reportedly adding internal and third-party AI models to enterprise 365 Copilot offering as it…

2 days ago

Albania Bans TikTok For One Year After Stabbing

Albania to ban access to TikTok for one year after schoolboy stabbed to death, as…

2 days ago

Foldable Shipments Slow In China Amidst Global Growth Pains

Shipments of foldable smartphones show dramatic slowdown in world's biggest smartphone market amidst broader growth…

2 days ago

Google Proposes Remedies After Antitrust Defeat

Google proposes modest remedies to restore search competition, while decrying government overreach and planning appeal

2 days ago

Sega Considers Starting Own Game Subscription Service

Sega 'evaluating' starting its own game subscription service, as on-demand business model makes headway in…

2 days ago